Privacy Policy - Selfstorage Uxbridge

This Privacy Policy explains how Selfstorage Uxbridge collects, uses, stores, shares, and protects personal data relating to customers, prospective customers, visitors, and any other individuals whose information is processed in connection with our storage services. It applies to all Selfstorage Uxbridge customers in the area and to any person interacting with our services on their behalf.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take privacy seriously and aim to keep personal information secure, limited to what is necessary, and retained only for as long as needed.

1. Who this policy applies to

This policy applies to:

  • Individuals who request a quote or make an enquiry
  • Current and former customers
  • People authorised to access a storage unit or manage an account
  • Individuals who correspond with us about contracts, billing, or service matters
  • Visitors whose information may be collected through security and access systems

Important: by using our services, you acknowledge that your personal data may be processed in line with this policy and applicable data protection law.

2. Personal data we collect

We may collect and process different categories of personal data depending on how you interact with us. This may include:

  • Identity information: full name, date of birth, and identification details
  • Contact information: address, email address, and telephone number
  • Account and contract information: storage unit details, move-in and move-out dates, account references, and contract records
  • Payment information: billing details, payment status, transaction records, and limited payment-related information needed for processing payments
  • Access and security information: CCTV records, access logs, alarm or incident reports, and vehicle registration details where relevant
  • Communication records: emails, messages, call notes, and service enquiries
  • Usage and preference data: service preferences, marketing choices, and communication preferences

In some cases, we may also process special category data or sensitive information if it is voluntarily provided or required for a specific legal reason, though we do not seek such information unnecessarily. Where special category data is processed, we do so only when a lawful basis and relevant condition under data protection law apply.

3. How we use personal data

We use personal data for the following purposes:

  • To register and manage customer accounts
  • To provide storage services and administer access to units
  • To process payments, invoices, refunds, and account balances
  • To communicate about bookings, contract changes, service updates, or disputes
  • To verify identity where needed for security and legal compliance
  • To maintain safety, security, and site management systems
  • To detect and prevent fraud, misuse, loss, or unauthorised access
  • To comply with legal, tax, accounting, insurance, or regulatory obligations
  • To improve our services, systems, and operational performance
  • To manage customer preferences and, where permitted, send relevant updates

We only process personal data for clear and legitimate purposes and do not use it in ways that are incompatible with those purposes.

4. Lawful basis for processing

Under UK GDPR, we must have a lawful basis to process personal data. Depending on the context, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up an account, managing storage unit access, taking payments, and delivering our services.

Legal obligation

We may process personal data where necessary to comply with legal duties, such as tax, accounting, fraud prevention, health and safety, or responding to lawful requests from public authorities.

Legitimate interests

We may process personal data when it is reasonably necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include site security, protecting property, preventing misuse, administering business operations, and improving service quality. We balance our interests against your privacy rights before relying on this basis.

Consent

Where required, we rely on your consent, for example for certain types of optional marketing or non-essential communications. You may withdraw consent at any time, and doing so will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public task

These bases are not commonly used in our ordinary storage operations, but they may apply in rare circumstances where necessary to protect life or fulfil a legal/public function.

5. Data retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods may vary depending on the type of data and the legal or operational need for keeping it.

  • Customer and contract records: retained for the duration of the relationship and for a reasonable period afterward
  • Financial and tax records: retained for the period required by law and accounting rules
  • Security records: retained only for as long as necessary for safety, incident investigation, or legal purposes
  • Enquiry records: retained for a limited period unless they lead to a contract or are needed for follow-up
  • Marketing preferences: retained until you update your preferences or withdraw consent, where applicable

When data is no longer needed, we will securely delete, anonymise, or dispose of it in a safe and appropriate manner.

6. Processors and third parties

We may share personal data with trusted third parties who act as processors on our behalf. These organisations process personal data only according to our instructions and are required to protect it appropriately.

  • Payment service providers: to process payments and handle transaction-related tasks
  • IT and hosting providers: to store data, maintain systems, and support operational software
  • Security providers: to support CCTV, access control, and site safety systems
  • Professional advisers: such as accountants, lawyers, and auditors where necessary
  • Debt recovery or collection services: where lawful and necessary for unpaid balances
  • Regulators, courts, or law enforcement: where required by law or to defend legal claims

We do not sell your personal data. If data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections.

7. Security of personal data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include restricted access, encryption, secure storage, monitoring, staff training, and data minimisation practices. However, no system can be guaranteed to be completely secure.

8. Your rights under UK GDPR

You have rights in relation to your personal data. Subject to legal limitations and verification requirements, these may include:

  • Right of access: to request a copy of the personal data we hold about you
  • Right to rectification: to correct inaccurate or incomplete data
  • Right to erasure: to request deletion of personal data in certain circumstances
  • Right to restriction: to ask us to limit how we use your data
  • Right to object: to object to processing based on legitimate interests or direct marketing
  • Right to data portability: to receive certain data in a structured, commonly used format
  • Right to withdraw consent: where processing is based on consent

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

9. Children’s data

Our services are intended for adults. We do not knowingly collect personal data from children except where necessary and lawful in connection with a customer’s storage arrangement, for example if emergency contact details or authorised access information are provided. If we become aware that we have collected data unlawfully from a child, we will take reasonable steps to delete it.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any changes will take effect when published in the updated version. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

By using Selfstorage Uxbridge services, you acknowledge that you have read and understood this Privacy Policy. We are committed to protecting your privacy and processing your personal data with care, transparency, and respect.

Call Now!
Call Now Get a Quote
Selfstorage Uxbridge

GDPR-compliant Privacy Policy for Selfstorage Uxbridge covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.